Moin,

vielleicht Interessiert es ja den oder die einen oder anderen (Netzwerk-)Troll/in unter uns ;)

trolligst, d3non

-------- Original Message -------- Subject: [Cfp] Invited Talk on IPSec-VPN Auto-Configuration (Dr. Michael Rossberg) Date: Mon, 05 Nov 2012 21:52:39 +0100 From: Thorsten Strufe strufe@cs.tu-darmstadt.de

The Peer-to-Peer group cordially invites you to an invited talk by Dr. Michael Rossberg (TU Ilmenau), entitled:

"Scalable and Resilient Auto-Configuration of Virtual Private Networks"

When and where: 28. November 2012, 9:45 (c.t.) - 11:30am, in S2|02 C 110

Abstract: A fast and secure flow of information has crystalized as major criterion for the success of companies and authorities. In order to exploit untrustworthy networks for this, virtual private networks (VPNs) are deployed to guarantee data confidentiality, authentication, and integrity. Nonetheless, the associated manual deployment and operation is time-consuming and error-prone. This led to the development of numerous VPN auto-configuration approaches, but none of them addresses DoS resilience or robustness. The few scalable systems do not fulfill basic objectives, such as the use of private IP address ranges within the VPN. Thus, a novel concept for the automatic configuration of IPsec infrastructures has been developed. By utilizing well-understood peer-to-peer principles and hence relinquishing exposed central systems, the approach provides a basis for scalable and highly available VPNs. A key feature is the integration of indirectly connected VPN, while guaranteeing end-to-end security, at the same time. Furtheramore, due to the auto-configuration aspect it is possible to quickly react to DoS attacks. Additionally, the indirect security associations allow administrators to artificially reduce the number of direct connections as affected nodes will still be able to communicate via others. This can be utilized to reduce the number of outer IP addresses that can be gathered by an attacker, e.g., by wiretapping, and hence reduce the number of possible targets for DoS attacks. And while the construction of optimally resilient topologies can be shown to be NP hard, the classification of nodes in so-called availability zones still allow for planning topologies with calculable risks. The talk will cover aspects of the state-of-the-art in VPN autoconfiguration, the developed approach SOLID, as well as theoretical foundations for the design of DoS-resistant VPNs.

Short Bio: Dr. Michael Rossberg is a postdoc research fellow at the Telematik/Rechnernetze group of TU Ilmenau, where he received his PhD, in 2011, as well. His work on the autoconfiguration of IPSec VPNs has won several prices, and was awarded third place at the "Deutscher IT-Sicherheitspreis" in 2010.